[Ping]

On Sat, Oct 18, 2014 at 09:13:05PM +0200, Julian Andres Klode wrote:
> (adding [email protected] to CC)
> 
> On Sat, Oct 18, 2014 at 08:31:38PM +0200, Julian Andres Klode wrote:
> > Package: ecryptfs-utils
> > Version: 103-3+b1
> > Severity: important
> > Tags: security
> > 
> > Previously, a Private directory was automatically unmounted on logout. This
> > does not happen anymore. One problem could be that the systemd user instance
> > is not bound to logins and will most likely only exit after the last login,
> > leaving a process running as that user, and thus causing ecryptfs-utils to
> > think the user is still active.
> > 
> > This is a regression from wheezy as far as I am aware.
> > 
> 
> So the reason appears to be that systemd keeps another PAM session around for
> running its (sd-pam) and systemd --user processes, causing 
> ecryptfs-umount-private
> to think one session is still remaining. This means we have to run 
> ecryptfs-umount-private before exiting the systemd --user session.
> 
> The following user unit does this (called it ecryptfs-umount-private.service),
> but I'm not sure if that's the best solution, if something in there is broken,
> or how to correctly install that globally.
> 
> -- ecryptfs-umount-private.service:
> 
> [Unit]
> Description=Umount Private directory
> Before=systemd-exit.service
> DefaultDependencies=no
> Requires=shutdown.target
> After=shutdown.target
> 
> [Service]
> Type=oneshot
> ExecStart=/usr/bin/ecryptfs-umount-private
> 
> [Install]
> WantedBy=exit.target
> 


-- 
Julian Andres Klode  - Debian Developer, Ubuntu Member

See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.

Be friendly, do not top-post, and follow RFC 1855 "Netiquette".
    - If you don't I might ignore you.


-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to